Security Focus for Exxon: People

Friday, April 5, 2013 @ 04:04 PM gHale

While all companies are aware of the ever growing issue of cyber security hitting the industry, one company, Exxon Mobil, is trying to ingrain security into its DNA, much like safety. The catch is the message is coming from the top.

Exxon Mobil Chief Executive, Rex Tillerson, said the Texas-based multinational oil and gas corporation that’s the second-largest publicly traded company in the world has started taking cyber security just as seriously as the security of physical operations.

“At the end, it all comes back to people, regardless of how great the technology is and regardless of how much the technology enables us to do things without the human hand maybe touching as much,” Tillerson said.

Malware and cyber attacks in general have become highly sophisticated. With enough resources, cybercriminals can breach almost any network.

As reported before, if an attacker is targeting a certain network, he will get in. But the defense can thwart an attack if it has a solid defense in depth program and it remains vigilant.

In quite a few cases, the success of targeted attacks relies on a certain degree of social engineering and the exploitation of human weaknesses, which is why it’s important for organizations to focus on this aspect of security if they want to protect themselves.

That is what Exxon Mobil is working on.

“When you introduce new technology, it still has to be managed by people, so people have to understand that technology. They have to understand its capabilities and, more importantly, they have to understand its limitations,” Tillerson said in a published report.

“So as technology continues to be advanced and introduced into everything that we do, whether it’s computer-related or some other capability, people are still the interface with that technology. So you have to continue to manage the person.”